93 matches found
Security Bulletin: Due to use of Google Protocol Buffers, IBM Operations Analytics – Log Analysis is affected by denial of service.
Summary Google Protocol Buffers in Apache Solr is used by IBM Operations Analytics – Log Analysis as part of the data serialization and communication between services. CVE-2021-22570. Vulnerability Details CVEID:CVE-2021-22570 DESCRIPTION: Nullptr dereference when a null char is present in a prot...
MiracleLinux 8 : protobuf-3.5.0-15.el8 (AXSA:2022-4144:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4144:02 advisory. protobuf: Incorrect parsing of nullchar in the proto symbol leads to Nullptr dereference CVE-2021-22570 Tenable has extracted the preceding description block...
TencentOS Server 3: protobuf (TSSA-2022:0243)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0243 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
CVE-2021-22570 affecting package protobuf 3.14.0-1
CVE-2021-22570 affecting package protobuf 3.14.0-1. No patch is available currently...
Moderate: Red Hat Security Advisory: protobuf security update
An update for protobuf is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : protobuf (RHSA-2024:3433)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3433 advisory. The protobuf packages provide Protocol Buffers, Google's data interchange format. Protocol Buffers can encode structured data in an efficient yet...
Rocky Linux 8 : protobuf (RLSA-2022:7464)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7464 advisory. - Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name...
SUSE SLES15: libprotobuf-lite20 / python2-cryptography / python2-psutil / etc (SUSE-SU-2023:2783-2)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-2 advisory. grpc: - Update in SLE-15 bsc1197726, bsc1144068 protobuf: - Fix a potential DoS issue in protobuf-cpp and protobuf-python, CVE-2022-1941,...
SUSE SLES15: libprotobuf-lite20 / python2-cryptography / python2-psutil / etc (SUSE-SU-2023:2783-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2783-1 advisory. grpc: - Update in SLE-15 bsc1197726, bsc1144068 protobuf: - Fix a potential DoS issue in protobuf-cpp and protobuf-python, CVE-2022-1941,...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Google Protocol Buffers (CVE-2021-22570)
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Google Protocol Buffers, caused by a NULL pointer dereference when a null char is present in a proto symbol CVE-2021-22570. Google Protocol Buffers protobuf are included as part of the...
[SECURITY] [DLA 3393-1] protobuf security update
Debian LTS Advisory DLA-3393-1 [email protected] https://www.debian.org/lts/security/ Helmut Grohne April 18, 2023 https://wiki.debian.org/LTS Package : protobuf Version : 3.6.1.3-2+deb10u1 CVE ID : CVE-2021-22569 CVE-2021-22570 CVE-2022-1941 This update fixes a NULL pointer derference...
Debian dla-3393 : libprotobuf-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3393 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3393-1 [email protected]...
Amazon Linux 2023 : protobuf, protobuf-compiler, protobuf-devel (ALAS2023-2023-009)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-009 advisory. A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute...
USN-5945-1: Protocol Buffers vulnerabilities
It was discovered that Protocol Buffers did not properly validate field com.google.protobuf.UnknownFieldSet in protobuf-java. An attacker could possibly use this issue to perform a denial of service attack. This issue only affected protobuf Ubuntu 22.04 LTS and Ubuntu 22.10. CVE-2021-22569 It was...
Ubuntu: Security Advisory (USN-5945-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : protobuf (ALAS-2023-1948)
The version of protobuf installed on the remote host is prior to 2.5.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1948 advisory. A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads ...
Medium: protobuf
Issue Overview: A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory. CVE-2021-22570 Affect...
Amazon Linux AMI : protobuf, protobuf-compiler, protobuf-devel (ALAS-2023-1676)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1676 advisory. A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute...
Medium: protobuf
Issue Overview: A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory. CVE-2021-22570 Affect...
Medium: protobuf
Issue Overview: A flaw was found in protobuf. The vulnerability occurs due to incorrect parsing of a NULL character in the proto symbol and leads to a Null pointer dereference. This flaw allows an attacker to execute unauthorized code or commands, read memory, modify memory. CVE-2021-22570 Affect...